• Home
  • |
  • Blog
  • |
  • How To Fix CVE-2021-35003(4)- A Remote Code Execution Vulnerability On TP-Link Products
A Remote Code Execution Vulnerability in TP-Link Products

There are a couple of vulnerabilities were discovered on a couple of TP-Link products. The vulnerabilities identified as CVE-2021-35003 and CVE-2021-35004 are rated Critical & High and assigned CVSS scores of 9.8 & 8.8. It is worth knowing about the vulnerabilities as these flaws allow There are a couple of vulnerabilities discovered in a couple of TP-Link products. The vulnerabilities identified as CVE-2021-35003 and CVE-2021-35004 are rated Critical & High and assigned CVSS scores of 9.8 & 8.8. The vulnerabilities are worth knowing as these flaws allow attackers to execute code with the highest privileges from remote. We have created this post to create awareness about these vulnerabilities and want our readers to know how to fix them up. Let’s see How to Fix CVE-2021-35003(4)- A Remote Code Execution vulnerability in TP-Link Products.

Summary Of The CVE-2021-35003:

The flaw is due to improper handling of DNS requests. A specially crafted DNS message can trigger an overflow of a fixed length. This caused a stack buffer overflow. An attacker can exploit this stack buffer overflow vulnerability to execute code with root privileges from the remote.

In other words, we could say that this vulnerability could let remote attackers execute arbitrary code without authentication in the affected TP-Link product.

Since this vulnerability affects TP-Link Archer C90 1.0.6 Build 20200114 rel.73164(5553) WiFi routers, we recommend all the users of TP-Link Archer C90 AC1900 WiFi router to verify the build information and fix the CVE-2021-35003 vulnerability as soon as possible.

Associated CVE IDCVE-2021-35003
DescriptionA remote code execution vulnerability in TP-Link Archer C90 AC1900 WiFi Router
Associated ZDI IDZDI-CAN-14655
CVSS Score9.8 Critical
VectorCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score5.9
Exploitability Score3.9
Attack Vector (AV)Network
Attack Complexity (AC)Low
Privilege Required (PR)None
User Interaction (UI)None
ScopeUnchanged
Confidentiality (C)High
Integrity (I)High
availability (a)High

Summary Of The CVE-2021-35004:

The flaw is due to improper handling of DNS requests. A specially crafted DNS message can trigger an overflow of a fixed length. This caused a stack buffer overflow. An attacker can exploit this stack buffer overflow vulnerability to execute code with root privileges from the remote.

In other words, we could say that this vulnerability could let remote attackers execute arbitrary code without authentication in the affected TP-Link product.

Since this vulnerability affects TP-Link TL-WA1201 1.0.1 Build 20200709 rel.66244(5553) wireless access points, we recommend all the users of TP-LinkTL-WA1201 wireless access points to verify the build information and fix the CVE-2021-35004 vulnerability as soon as possible.

Associated CVE IDCVE-2021-35004
DescriptionA remote code execution vulnerability in TP-LinkTL-WA1201 wireless access point
Associated ZDI IDZDI-CAN-14656
CVSS Score8.8 High
VectorCVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score5.9
Exploitability Score2.8
Attack Vector (AV)Adjacent
Attack Complexity (AC)Low
Privilege Required (PR)None
User Interaction (UI)None
ScopeUnchanged
Confidentiality (C)High
Integrity (I)High
availability (a)High

How To Fix CVE-2021-35003(4)- A Remote Code Execution Vulnerability On TP-Link Products?

The only possible way to fix CVE-2021-35003( & CVE-2021-350034 buffer overflow and RCE vulnerabilities is to upgrade the firmware of your TP-Link products to the latest version. TP-Link has fixed these vulnerabilities by rolling out new firmware updates. Let’s see how to fix CVE-2021-35003 and CVE-2021-35004 in TP-Link Archer C90 AC1900 WiFi Router and TP-LinkTL-WA1201 wireless access points, respectively.

How To Fix CVE-2021-35003 On TP-Link Archer C90 AC1900 WiFi Router?

All the firmware v6 and below are affected by the vulnerability. Upgrade your TP-Link Archer C90 AC1900 WiFi Router firmware to v6 and above to fix the CVE-2021-35003 vulnerability. Please download the firmware from https://www.tp-link.com/us/support/download/archer-c90/#Firmware.

How to Fix CVE-2021-35004 on TP-LinkTL-WA1201 wireless access point?

All the firmware v2 and below are affected by the vulnerability. Upgrade your firmware of TP-LinkTL-WA1201 wireless access point to v2 and above fix the CVE-2021-35004 vulnerability. Please download the firmware from https://www.tp-link.com/us/support/download/tl-wa1201/#Firmware.

However, before you start upgrading the firmware process, we need you to read these IMPORTANT points.

  1. Please upgrade firmware only from the local TP-Link official website. Local TP-Link official site means the regional website of the purchase location for your TP-Link device. Otherwise, you may lose your product warranty. Click here to visit the website of your region.
  2. Before you proceed firmware upgrade process, please verify the hardware version of your device. Wrong firmware upgrade may damage your device and void the warranty. (Normally Vx.0=Vx.6/Vx.8 (eg:V1.0=V1.6/V1.8); Vx.x0=Vx.x6/Vx.x8 (eg:V1.20=V1.26/V1.28). Click here to see how to find the hardware version of your TP-Link device.
  3. Do NOT turn off the power during the upgrade process, as it may cause permanent damage to the product.
  4. It is recommended to upload firmware with a wired connection to avoid wireless disconnect problems during the firmware upgrade process.
  5. Disconnect all other devices from the device until the completion of the upgrade process.

How To Upgrade Firmware On TP-Link Router And Access Point?

How to Upgrade Firmware on TP-Link Router and Access Point?

  1. Download the latest firmware version for your device

    Go to download center for your Region on the TP-Link website. Then, select your product from the drop down list.  Choose the correct hardware version, click on ‘Firmware’.  A list of available firmware will be shone.
    Download the latest firmware version for your TP-Link device

  2. Extract the downloaded file

    Use WinZip or WinRar applications and extract the Zip file.

  3. Login to the TP-Link device web management page

    Router:
    Connect your computer, phone, or tab to the TP-Link router either by Wired or Wirelessly. Open the browser and type “http://tplinkwifi.net” in the address bar to access the web management page. Visit this page for more details.


    Extender or Access Point:
    Connect your computer, phone, or tab to the TP-Link access point either. Open the browser and type“192.168.0.254” or the domain name “tplinkrepeater.net” in the address bar to access the web management page. Visit this page for more details.

  4. Upgrade the Firmware of TP-Link device

    Router:

    1. Click on System Tools-Firmware Upgrade (or Firmware).
    2. Click on Browse/Choose File and choose the extracted file.
    3. Click the Upgrade button.  The device will reboot to complete the process.
    Note: Sometimes you may lose your router to factory settings. Run the Quick Setup Wizard to reconfigure your TP-Link router.  Visit here for more details.


    Access Point:

    1. Click System Tools–Backup & Restore, and save the current settings to a location. It is recommended to take a backup of your access points settings because you may lose all your setting in this process.
    2. Click on System Tools–Firmware Upgrade.
    3. Click on Browse button and choose the extracted file.
    4. Click the Upgrade button. The device will reboot to complete the process. Visit here for more details.

We hope this post will help you know How to Fix CVE-2021-35003(4)- A Remote Code Execution Vulnerability on TP-Link Products. Thanks for reading this threat post. Please share this post and help to secure the digital world. Visit our social media page on FacebookLinkedInTwitterTelegramTumblr, & Medium and subscribe to receive updates like this. 

About the author

Arun KL

To know more about me. Follow me on LinkedIn
Hi All, I am Arun KL, an IT Security Professional. Founder of “thesecmaster.com”. Enthusiast, Security Blogger, Technical Writer, Editor, Author at TheSecMaster. To know more about me. Follow me on LinkedIn

Leave a Reply

Your email address will not be published. Required fields are marked

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

Learn Something New with Free Email subscription

Email is also one of the ways to be in touch with us. Our free subscription plan offers you to receive post updates straight to your inbox.